Recently, the Government of India temporarily blocked Telegram after the messaging app was used to leak questions and organise cheating in a public examination taken by millions of students.
Telegram challenged the move in the Delhi High Court. It argued that the law only allowed blocking specific illegal content and did not permit blocking the entire platform used by millions of users.
The High Court disagreed, in a ruling that changes how technology companies operating in India should think about the architecture of their apps. This change brings to focus the obligation on platforms to prevent recurring harm.
The Court confirmed the government’s long-held position that it had legal authority to block an entire app, not merely specific content published on it. Such a block can be ordered overnight, with the company allowed to argue its case to the government only afterwards.
What matters is not the power itself but what it makes possible: A design flaw that once might have been a customer-service headache can now be the reason an app disappears from a whole country, by government order alone. In the United States, banning an app this way required an act of Congress that then survived a First Amendment challenge in court, as in the recent case over TikTok.
Telegram has large public broadcast channels, automated bot ecosystems, username-based anonymity, mirror and backup channels, and message-editing with timestamp retention. After the action against it, the government separately stopped WhatsApp from introducing a similar username-based messaging option. This confirms a keen regulatory focus on features offered by apps.
The Court, in the context of Telegram, observed that these features made granular enforcement “practically unfeasible,” especially where the abuse is widespread. The Court, therefore, accepted the government’s position that a platform-wide block is proportionate and the only means available.
The reasoning carries a sharp corollary: The less amenable a platform is to pointed enforcement, the more proportionate a total block becomes. Therefore, features built for anonymity, scale and automation now read as a regulatory liability rather than a mere differentiator.
Other jurisdictions are weighing the same question through steadier channels: The European Union assesses this kind of design risk under its Digital Services Act through ongoing audits, rather than case-by-case blocking, while American law largely leaves design choices alone.
This points to a bigger shift already under way in Indian law: Apps are increasingly expected to watch for trouble on their own. Responding to takedown orders after the fact is now insufficient.
The facts bore this out. Telegram had already removed 900 of the 1,300 links the government had flagged, before the emergency block was ordered. The Court held that this response was “not determinative,” since mirror channels, rotating usernames and disposable “burner” accounts kept the same content resurfacing elsewhere. In effect, the Court judged Telegram not on its takedown record, but on whether its architecture could stop the harm from repeating.
That distinction matters because India’s rules for online intermediaries such as social media and messaging apps were built around the opposite idea. A company is shielded from liability for what users post. This is so long as it acts promptly once told about a problem, creating a “safe harbour” from liability.
There now needs to be broader consideration of design and architecture choices, the likelihood of misuse, and proactive measures to prevent the proliferation of abuse. A design-for-compliance review is now likely to develop as a norm as new and old entrepreneurs think about application-based services.
This change in approach does sit uneasily with the Supreme Court’s 2015 ruling in Shreya Singhal, which held that companies should act only on actual notice of illegal content. Having said that, it is anticipated that the principles set out in Shreya Singhal will need to be reimagined based on current challenges and instances of widespread public harm.
Telegram’s case provides key lessons for app-based businesses in India.
First, focus on early detection of harmful content and quickly prevent its spread rather than after a complaint. Second, devise a ready shutdown contingency plan for operational continuity to the extent possible for existing users. Finally, internal risk reporting must move beyond the “safe harbour” framework to active structural safeguards.
Critically, these obligations bind foreign and domestic operators alike: The Court treated Telegram’s incorporation abroad as legally irrelevant and expected a resident officer able to act within the compliance timelines, so offshore structuring offers no shelter. The ability to withstand a platform-wide block, the governance of design choices, and preparedness for a public-order crisis now demand equal attention.
The lesson from Telegram is clear: An app’s design is its first line of legal defence or could be its first point of failure.
Sidhant Kumar is a Partner, and Lahar Jain an Associate, at Unum Law
